The Ultimate Business Machine - Archives

MailServe and LDAP

If you're waiting for news on the LDAP front, I've got news for you. I've managed to get the mail server authenticating against the LDAP Server database.

Basically, what I have is Dovecot authenticating against the passwords stored in the LDAP Server, rather than the built-in OS X accounts' password system. And then I get Postfix to use the LDAP authentication so set up, for its own SMTP authentication. And it works, with or without SSL.

I did so many things and tried so many variations, so now I have to take a step back and figure out just what I did to make this work. Then I will make new versions of MailServe and the LDAP Enabler that will do all this for the user with just one click on their respective Enablers.

Actually I might have gotten most of this working in Chengdu last week, so it was a pretty productive week, even though I was traipsing around Chengdu.

I think what I didn't realise, until I got back to Singapore, was that the PAM module for LDAP that I was using, pam_ldap.so, needs to be built again for the x86_64 processor that is the default in Mountain Lion. I was using a pam_ldap.so that was a fat PPC/i386 binary - absolutely useless on Mountain Lion - and that explains the crashes whenever PAM was called, which was whenever a user tried to authenticate against the LDAP Server. I banged my head against the wall so many times in Chengdu. It only cleared when I got back to Singapore, and then it became crystal clear what the problem was. It's a mystery how the mind works.
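An added example, not code from the original post or from MailServe: a small Python check that reads the Mach-O header of a module such as pam_ldap.so and reports whether it carries a slice for the host architecture, so the mismatch shows up before PAM tries to load it. The function names and the two sample byte strings are constructed for illustration (headers only, no real module contents); the CPU type constants are the standard Mach-O values.

```python
import struct

# Mach-O constants from <mach-o/fat.h>, <mach-o/loader.h> and <mach/machine.h>
FAT_MAGIC = 0xCAFEBABE                   # universal ("fat") header, big-endian
THIN_MAGICS = {0xFEEDFACE, 0xFEEDFACF}   # 32-bit and 64-bit thin Mach-O
CPU_NAMES = {7: "i386", 0x01000007: "x86_64", 18: "ppc", 0x01000012: "ppc64"}

def macho_archs(data):
    """Return the architecture names contained in a Mach-O image (bytes)."""
    if len(data) < 8:
        raise ValueError("too short to be a Mach-O file")
    magic_be, = struct.unpack_from(">I", data, 0)
    if magic_be == FAT_MAGIC:
        nfat, = struct.unpack_from(">I", data, 4)
        if nfat > 32 or len(data) < 8 + 20 * nfat:
            raise ValueError("truncated or implausible fat header")
        archs = []
        for i in range(nfat):
            # struct fat_arch is 20 bytes; cputype is its first field
            cputype, = struct.unpack_from(">I", data, 8 + 20 * i)
            archs.append(CPU_NAMES.get(cputype, hex(cputype)))
        return archs
    # Thin file: the header is stored in the byte order of the target CPU
    for endian in (">", "<"):
        magic, cputype = struct.unpack_from(endian + "II", data, 0)
        if magic in THIN_MAGICS:
            return [CPU_NAMES.get(cputype, hex(cputype))]
    raise ValueError("not a Mach-O file")

def loadable_on(data, host_arch="x86_64"):
    """True if the image has a slice for host_arch (assumed host: x86_64)."""
    return host_arch in macho_archs(data)

def fat_header(*cputypes):
    """Build a constructed fat header (headers only, no slice contents)."""
    out = struct.pack(">II", FAT_MAGIC, len(cputypes))
    for n, cpu in enumerate(cputypes):
        out += struct.pack(">IIIII", cpu, 0, 4096 * (n + 1), 0, 12)
    return out

# Constructed samples: a fat PPC/i386 module like the one described in the
# post, and a thin x86_64 header standing in for a rebuilt module
OLD_MODULE = fat_header(18, 7)
REBUILT_MODULE = struct.pack("<II", 0xFEEDFACF, 0x01000007) + b"\x00" * 24

if __name__ == "__main__":
    for name, blob in (("old", OLD_MODULE), ("rebuilt", REBUILT_MODULE)):
        print(name, macho_archs(blob), "loadable:", loadable_on(blob))
```

To check a real file, pass `open(path, "rb").read()` to `macho_archs`; on OS X itself, `lipo -info` reports the same architecture list.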